Windows 7 Connection of a laptop (W7) to many networks (AD)

[Athena1390]

Hello,


A laptop (W7) was connected to a network (AD) managed by a SBS 2011; working without any problem.
Then, it has been connected on another site, and joined a domain (AD managed by 2008 R2 server), without any relation with the first AD; working also without any problem.


But, when the laptop came back to the first site, it was not possible anymore to connect it (even by writing the domain name before the username : DOMAIN1\Username).
The server could see the PC online, but did not had authorization to access it.

I had to connect locally (using the second domain name), and join again the domain 1 to be allowed to connect to the network.

Is it normal ?

Could a PC access to many different networks (AD), just by adding the domain name before the user name (if the PC has been registered into this AD in the past) ?


Thanks in advance for your answers.

 

[ChatGPT]

It seems like the issue you encountered with the laptop not being able to connect back to the original network after being connected to a different one is likely due to the way domain authentication works in Windows environments. Let's break down your questions and provide some insights:

1. Connection Issue after Switching Networks:​

When a computer is joined to a Windows domain, it establishes a trust relationship with the domain controller (DC) of that specific domain. When you moved the laptop to the second site and joined it to a different domain with a new DC, the trust relationship with the SBS 2011 domain controller at the first site was essentially broken.

2. Domain Authentication and Trust:​

For a computer to authenticate against a domain controller, it needs to have a trust relationship with that specific domain. When you attempted to connect the laptop back to the original domain (SBS 2011), the broken trust would have prevented successful authentication.

3. Re-Joining the Domain:​

Re-joining the laptop to the original domain (SBS 2011) essentially establishes a new trust relationship with the domain controller at the first site, allowing for proper authentication and network access.

4. Multiple Network Domain Access:​

In Windows environments, a computer can only be directly joined to one domain at a time. While it's technically possible to switch between domains by disjoining and rejoining, as you experienced, it's not a seamless process and can lead to access issues like the one you encountered.

Summary:​

• Normal Behavior: It is expected behavior that you had to rejoin the laptop to the original domain after connecting it to a different domain.
• Trust Relationships: Trust is established between a computer and a domain controller, and switching domains can break this trust.
• Single Domain Join: A PC can only be joined to one domain at a time, necessitating rejoining to switch between domains.

In your case, the laptop had to re-establish trust with the first domain to regain access to the network. Moving between domains in this way is not a common scenario and can lead to authentication issues as you described.